Locking up a user's PC and demanding a payment to release it has proved very profitable for the cyber crime community.
So much so that malware authors have been turning their hand to new variants. Security software specialist Symantec has been taking a closer look at one such, the CryptoDefense trojan that it first detected in February.
Deceiving the user into downloading and installing malicious software is one of the most common ways of attacking endpoint systems.
A good web browser can be an effective aid in blocking these social engineering attempts and the latest research from NSS Labs looks at the leading contenders plus three browsers from China to see how good they are at keeping you safe.
Backing up files is one those New Year’s resolutions/good intention things that we all think about, but often don’t get around to doing. Despite the multitude of options available, it never ceases to amaze me every time I hear someone lament lost Word docs, photos or the like.
It's precisely that sort of disaster which World Backup Day 2014 aims to help users avoid. To drive the point home, the website cites some statistics -- 30 percent of people have never backed up their files, 113 phones are lost or stolen every minute, 29-percent of disasters are caused by accidents and one out of every ten computers is infected with a virus.
The history of malware is a fascinating topic that provides insights into the current landscape. As one of the authors of the Avien Malware Defense Guide, I contributed to the book's chapter on history and will be leveraging and expanding on some of that content here to give context to where we are today.
First what is malware? Malware is a merger of "malicious" and "wares," meaning malicious software. It can range the gamut from traditional viruses and worms to botnets, potentially unwanted Programs (PUPs), adware and spyware. Generally speaking it's software running on your system that can cause unwanted side effects that can be as minor as slow downs and resource utilization, to as severe as data corruption, compromise and leakage of sensitive information.
Keeping systems secure is more difficult than it was a year ago and this is partly down to human error. So says a new study by security awareness company KnowBe4.
The rise of ransomware, the adoption of BYOD, and rapid changes in technology all make it harder for enterprises to guard against threats both inside and outside the organization.
New research by website security specialist Incapsula looks at the impact of DDoS traffic on the internet with data collected over a five month period looking at over 154 million DDoS bot sessions.
It reveals some startling statistics, the main one being that at the application level DDoS bot traffic is up by 240 percent. More than 25 percent of all botnets are located in India, China and Iran, whilst the US ranks fifth in the top ten attacking countries.
Kim Dotcom -- the man behind the infamous MegaUpload, and then Mega -- has been out of the spotlight for a little while, but now he's back with renewed strength. This time around he's not trying to launch a new service, but a new branch of his career. Not content with bringing free cloud storage to the masses, Dotcom is now venturing into politics, launching the Internet Party in New Zealand. He finds himself in an interesting position as he is currently fighting extradition to the US where he faces charges of infringing copyright.
As the name suggests, the Internet Party is concerned primarily with what's happening online. The party has a fairly simple mission statement. "The Internet Party was founded on the spirit of the Internet, to get an open, free, fair, connected and innovative society". It is described as "a party that will give you faster, cheaper Internet, create high-tech jobs, protect your privacy, and safeguard our independence".
Digital currencies can be purchased in their respective markets, or acquired through "mining", which can be done using any computer or smartphone and a special piece of software. Security firm Lookout has just released details on a new piece of malware called CoinKrypt that uses a botnet of Android smartphones to mine for currency.
Because mining is incredibly resource-intensive, the process can severely run down a phone’s battery, eat through a data plan by periodically downloading what is known as a block chain, or a copy of the currency transaction history, and potentially damage hardware by causing it to overheat and burn out.
We run more and more of our lives online today, with multiple accounts for different services. But many of those sites rely on the same few personal identifiers.
Things like your date of birth, social security number and mother’s maiden name may be common to many of your logins, and that’s a problem. If one site's security is breached then your personal identifiers are compromised.
Basecamp, the online collaboration and project management service, found itself on the receiving end of a massive DDoS attack yesterday as 20Gbps of data was pelted at servers. If this was not enough, the attackers tried to hold Basecamp to ransom, saying the server flooding would not come to an end until a fee was paid.
While the attack was underway, Basecamp was effectively taken offline but the team behind the service refused to bow to the ransom demands. Beavering away behind the scenes, technicians were able to restore service to 95 percent of users without parting with any money.
The antivirus industry is getting steamed up about the forthcoming end of XP support. Last week we saw Avast warning of the vulnerabilities users might face.
Today anti-virus specialist Malwarebytes announces its new Anti-Malware Premium product and at the same time is pledging that it will continue to support XP users for life.
I have not hidden the fact that I'm yet to be sold on the idea of wearable tech. A post about smartwatches failing to take off lead to some interesting discussions, and many people leapt to the defense of watch 2.0. Judging from the comments, it seems that there is some love for wearable devices, but it still doesn't appear to be translating into sales. It's not just wearables fans who are quick to defend the honor of their beloved devices, the manufacturers are doing so as well. Google is the latest proponent of strapped-to-the-body-tech, which is hardly surprising considering the company's vested in the market with Glass.
Google Glass has received a bad rap, or so Google seems to think. Not happy to sit back and let the rumormongering run its course, Google has instead written a blog entry aiming to dispel some of the "awesome urban myths" (their words, not mine) that have built up around the technologically advanced spectacles. Considering this is a product that is yet to receive a full public release, it is interesting to see that Google already feels the need to stick up for its baby. But that said, this is a device that has seen the term "glass-holes" coined, even before launch.
Not a good week for Microsoft this week. Things kicked off as Mozilla shunned the Windows Store by opting to stop development of a modern version of Firefox and then things got a little awkward following the investigation of an employee involved in leaking information about Windows. The company then came under fire for accessing the email account of an individual, despite its claims that "Outlook and Hotmail email are and should be private".
There was better news as an LTE version of Surface 2 went on sale opening up a new income stream for the company and new mobile computing opportunities for customers. More good news for users came when OneNote was not only released for Mac, but also made free for all platforms. Mihaita wasn't overly impressed with the Mac version, though.
Gmail has always supported HTTPS, and even made the communications protocol the default option in 2010. Today Google announces it will always use an encrypted HTTPS connection when you check or send email.
"Today's change means that no one can listen in on your messages as they go back and forth between you and Gmail’s servers -- no matter if you're using public Wi-Fi or logging in from your computer, phone or tablet", Nicolas Lidzborski, Gmail Security Engineering Lead says.